public function getInstanceDetails($id) { $measurement = apiDB::getMeasurement($id, get_class($this)); if (empty($measurement->id)) { return self::NO_SUCH_ID; } $user = apiDB::getUserByLocationId($measurement->locationid); if ($_SERVER['PHP_AUTH_USER'] != $user->email && $this->access <= 1) { return self::ACCESS_DENIED; } $this->id = $measurement->id; $this->userid = $measurement->userid; $this->locationid = $measurement->locationid; $this->reading = $measurement->reading; $this->fromdate = $measurement->fromdate; $this->todate = $measurement->todate; $this->note = $measurement->note; // Preserving $this->access however, to retain admin rights. return self::SETUP_OK; }
public function delete_array($array) { if (!empty($array["id"])) { $user = apiDB::getUserByLocationId($array["id"]); if ($_SERVER['PHP_AUTH_USER'] != $user->email && $this->access <= 1) { return "Not authorized to delete location for User " . $user->id; } return apiDB::deleteLocation($array["id"]); } return "ERROR: No location ID specified for deletion"; }